Adaptive ambient services

ABSTRACT

Adaptive ambient services are provided. In some embodiments, an adaptive ambient service includes providing an ambient service profile. In some embodiments, an ambient service includes implementing an ambient service profile for assisting control of the communications device use of an ambient service on a wireless network, in which the ambient service profile includes a plurality of service policy settings, and in which the ambient service profile is associated with an ambient service plan that provides for initial access to the ambient service with limited service capabilities prior to activation of a new service plan; monitoring use of the ambient service based on the ambient service profile; and adapting the ambient service profile based on the monitored use of the ambient service.

BACKGROUND

With the advent of mass market digital communications, applications andcontent distribution, many access networks such as wireless networks,cable networks and DSL (Digital Subscriber Line) networks are pressedfor user capacity, with, for example, EVDO (Evolution-Data Optimized),HSPA (High Speed Packet Access), LTE (Long Term Evolution), WiMax(Worldwide Interoperability for Microwave Access), DOCSIS, DSL, andWi-Fi (Wireless Fidelity) becoming user capacity constrained. In thewireless case, although network capacity will increase with new highercapacity wireless radio access technologies, such as MIMO(Multiple-Input Multiple-Output), and with more frequency spectrum andcell splitting being deployed in the future, these capacity gains arelikely to be less than what is required to meet growing digitalnetworking demand.

Similarly, although wire line access networks, such as cable and DSL,can have higher average capacity per user compared to wireless, wireline user service consumption habits are trending toward very highbandwidth applications and content that can quickly consume theavailable capacity and degrade overall network service experience.Because some components of service provider costs go up with increasingbandwidth, this trend will also negatively impact service providerprofits.

BRIEF DESCRIPTION OF THE DRAWINGS

Various embodiments of the invention are disclosed in the followingdetailed description and the accompanying drawings.

FIG. 1 illustrates a wireless network architecture for providingadaptive ambient service in accordance with some embodiments.

FIG. 2 illustrates a wireless network architecture for providingadaptive ambient service including a proxy server in accordance withsome embodiments.

FIG. 3 illustrates a flow diagram for providing adaptive ambient servicein accordance with some embodiments.

FIG. 4 illustrates another flow diagram for providing adaptive ambientservice in accordance with some embodiments.

FIG. 5 illustrates another flow diagram for providing adaptive ambientservice in accordance with some embodiments.

FIG. 6 illustrates another flow diagram for providing adaptive ambientservice in accordance with some embodiments.

FIG. 7 illustrates a flow diagram for providing adaptive ambient servicefor a surf-out option in accordance with some embodiments.

DETAILED DESCRIPTION

The invention can be implemented in numerous ways, including as aprocess; an apparatus; a system; a composition of matter; a computerprogram product embodied on a computer readable storage medium; and/or aprocessor, such as a processor configured to execute instructions storedon and/or provided by a memory coupled to the processor. In thisspecification, these implementations, or any other form that theinvention may take, may be referred to as techniques. In general, theorder of the steps of disclosed processes may be altered within thescope of the invention. Unless stated otherwise, a component such as aprocessor or a memory described as being configured to perform a taskmay be implemented as a general component that is temporarily configuredto perform the task at a given time or a specific component that ismanufactured to perform the task. As used herein, the term ‘processor’refers to one or more devices, circuits, and/or processing coresconfigured to process data, such as computer program instructions.

A detailed description of one or more embodiments of the invention isprovided below along with accompanying figures that illustrate theprinciples of the invention. The invention is described in connectionwith such embodiments, but the invention is not limited to anyembodiment. The scope of the invention is limited only by the claims andthe invention encompasses numerous alternatives, modifications andequivalents. Numerous specific details are set forth in the followingdescription in order to provide a thorough understanding of theinvention. These details are provided for the purpose of example and theinvention may be practiced according to the claims without some or allof these specific details. For the purpose of clarity, technicalmaterial that is known in the technical fields related to the inventionhas not been described in detail so that the invention is notunnecessarily obscured.

In some embodiments, adaptive ambient services for a device (e.g., anytype of device capable of communicating with a wireless network) or useof a service on a wireless network are provided. In some embodiments, anambient experience is the user experience that is available at the timethe device is sold in the event the user has not yet signed up for aservice plan or the device is not sold with a prepaid service plan orother required service plan. In some embodiments, an ambient servicegenerally refers to a set of application access, network destinations,sources, and/or traffic control rules to enable an ambient serviceexperience, and, in some embodiments, also includes a set of billingrules to keep an accounting of service usage for different serviceusages (e.g., various bill by account rules or service usage accounts).For example, the ambient experience can be defined by an ambient serviceprofile, an ambient service plan, the other service usage activitycontrol policies, and/or the ambient service or ambient experiencebill-by-account usage accounting and/or billing policies in effect inthe network, on the device, on an intermediate networking device, or anycombination thereof.

For example, if a service processor (e.g., on the device, theintermediate networking device, or both) is used in large part to definethe ambient service profile, then the initial provisioning andactivation settings in the service processor, and possibly a servicecontroller in the network, can define the user service upgrade offeringchoices, network destination access control possibilities, trafficcontrol policies, mobile commerce transaction capabilities (e.g., whichtransaction websites, WAP sites or portals the user can access topurchase information, content, music, games and/or eBooks), possiblyfree news or weather or other modest bandwidth Internet services thatare provided free of charge to entice the user into using/upgrading theservice or using the transactions or viewing advertisements, whatadvertisements are displayed to the user or what advertisement basedwebsites the user is exposed to, certain applications may have accesswhile others are blocked (e.g., Internet based text services have accessbut email downloads do not), or various other example servicecapabilities related to, for example, any set of application access,destinations, sources, traffic control rules to enable an ambientservice experience, and/or a set of billing rules to keep an accountingof service usage for different service usages (e.g., various bill byaccount rules or service usage accounts). Examples of the type of usefulservices that can be enabled with the ambient service techniquesdisclosed herein include the following embodiments. In some embodiments,a content purchasing service (e.g., books, news, magazines, music,video, games, and mobile applications) is facilitated in which thedevice access is partially, largely, or entirely limited to the deviceor network based applications, source/destination addresses, and/orcontent transfers required to properly implement the service, in whichother applications, source/destination addresses and/or content typesare partly, largely, or entirely blocked. In some embodiments, suchambient services can have service usage monitoring and accounting thatis reported for one or more individual ambient services. For example,the service usage for a book storefront browsing and download servicecan be separately accounted for while other services such as a generalInternet shopping or auction service, a music service, a picture uploadand store/print service, a search and/or advertisement service can alsoeach have individual service usage accounting, or in some cases, groupsof services can have aggregate service usage accounting. In someembodiments, an ambient service is provided for the device prior to thetime a user has paid for permanent or full time access services, which,for example, can include a service selection platform for allowing thedevice user to access certain limited network functions and/orresources, and to access those network resources necessary to choose apay-for-service plan option. In some embodiments, the individual and/orgroup ambient service usage accounting can be transformed into one ormore billing records in which the service usage for each ambient serviceis billed to an entity, which can be the business entity that providesthe ambient service experience and/or transaction platform, or the enduser, or the central service provider, or an MVNO service provider, or adistribution partner, or an OEM, or another entity interested in payingfor one or more ambient services.

In some embodiments, allowing some or all of these services, andblocking or throttling other ambient user service attempts (e.g., unpaidlarge file size Internet downloads or uploads or movie viewing or otheraccess that would consume bandwidth and cause the ambient service to bea potential source of losses for the service provider) is made possible,for example, by various service profile control capabilities of theservice processor and/or the service controller or using various othertechniques. In some bill by account embodiments, as described herein, inwhich each service activity can, for example, be separately tracked withthe service monitor and other agents and server functions to produce abilling offset that allows categorization and mediation of differentbilling entities (accounts) provides the capability for the serviceprovider to individually account for the costs of each ambient serviceelement. For example, this allows for business models in which the freeaccess to the end user can be paid for or partially paid for by one ormore service provider partners who are billed for service access usingthe bill by account capabilities (e.g., the transaction partners can payfor user access to their transaction experience and perhaps pay arevenue share for transaction billing, the advertising sponsored websitepartners pay for their access service share).

While the service control capabilities of the service processor and thebill by account service cost sharing and transaction revenue sharing insome cases can create a profitable ambient business model, in othercases, the ambient services can be a potential source of losses for theservice provider. Accordingly, in some embodiments, the ambient servicecapabilities can be modified over time to reduce service cost to theservice provider or VSP based on a variety of decision factors. Forexample, the user can have one level of traffic control for a period oftime, and if the user has not signed up for service by the end of theperiod or if the user is no longer in good standing (e.g., based onvarious service usage criteria) for use of the service, the ambientservice access is reduced (e.g., the transmission speed can be reducedor throttled, and/or the total volume of data transmitted can be reducedor throttled, possibly additionally according to time of day parametersand/or network busy state parameters) by changing the service controlpolicy settings in the service processor, and the service level can befurther reduced over time if the user continues to not sign up forservice or the user does not create much transaction revenue. In someembodiments, this can limit or prevent users from “camping” on freeambient services without generating any meaningful revenue to fund theservice, or viewing any advertising to fund the service. In someembodiments, a user can be throttled in such a manner until the userexecutes a “useful activity” or a “preferred activity” (e.g., apurchase, viewing advertising, answering a questionnaire, signing up fora service, accepting a beta trial, and/or earning valued customerpoints), and after a useful or preferred activity occurs, then theaccess capabilities of the device are increased. As another example,various recursive throttling algorithms can be utilized to one or moreof the service activities offered in ambient service mode so that theuser experiences what full speed service is like, and if the usercontinues consuming appreciable bandwidth with the service activity,then the activity is throttled back to reduce costs until or unless theuser selects a pay-for-service plan (or accumulates sufficient serviceaccess points as described herein). In these and other similar examples,the service processor or service controller can issue the user anotification explaining that their service is currently free so theirusage is being throttled, and if they desire to receive better service,service plan upgrade offers can be delivered to the user interface (UI).In some embodiments, the level of access (e.g., ambient servicebandwidth and/or transfer limits, reachable addresses beyond the ambientservice, and/or bandwidth or transfer limits for open Internet usageand/or email usage, text usage) is increased as the user increases thenumber of useful or preferred activities (e.g., the user accumulates“service access points,” which are then spent on access activities). Itwill now be apparent to one of ordinary skill in the art that thevarious ambient service parameters including various provisioning andactivation processes used to provide an ambient service, can also bemanaged by various virtual service provider (VSP) techniques. Forexample, this allows the same service controllers and service processorsolutions to be used to define a wide range of ambient experiences forvarious device groups or user groups that are controlled by differentVSPs.

Similarly, rather than controlling ambient service profile settingsusing the device assisted services functions and/or VSP functions tocontrol the service controller, service processor, provisioning andactivation settings, various other embodiments call for the ambientservice profile settings to be controlled by various network basedservice activity control equipment as similarly described herein and/orby various intermediate networking devices. For example, depending onthe level of service control and service monitoring sophistication(e.g., advanced DPI (Deep Packet Inspection), TCP (Transmission ControlProtocol) session aware techniques, or other service aware techniques),some, much, most or all of the above described ambient servicesfunctionality can be implemented using network based service controlsand various VSP management and control techniques. Similarly, in someembodiments, service processor, provisioning and activation settings,and the ambient service profile settings can also be (at least in part)controlled by various intermediate networking devices. In someembodiments, network equipment that can provide ambient service controlsinclude, for example, service gateways, routers, charging functions,HLRs, home agents, proxy servers, and other network equipment as wouldbe apparent to one of ordinary skill in the art.

Whether the ambient service monitoring and control apparatus isimplemented with device assisted service techniques, network basedtechniques, or a combination of both, various embodiments describedherein provide for adaptive ambient service embodiments that address thedynamic (e.g., non-static) nature of Internet service access needs(e.g., allowable source/destination and/or application lists, blockedsource/destination and/or application lists, traffic control policiesfor each source/destination and/or application).

Providing an ambient service profile for an ambient service can becomplicated by the variable nature of network addresses and offeredservices such as, for example, the Internet. For example, a centralservice provider, MVNO provider or VSP may desire to provide ambientservice access to a given web site partner's web service, in exchangefor a business deal with the website partner that motivates the serviceprovider to provide the ambient access. In this example, the ambientaccess is intended to enable access (either wide open or throttled) tothe website partner's collection of URLs (and possibly one or moreapplications) associated with the service, while blocking ordifferentially throttling access to other network destinations and/orapplications not associated with the web site partner services. Aproblem can arise in this example whenever the website partner changesthe addresses and/or domains associated with the website services,because any static access list and access list policies generally makesa static list impractical. In such cases, the adaptive ambient serviceembodiments described herein provide a solution to these and otherproblems, whether the adaptive ambient access controls and/or trafficcontrols are implemented with device assisted service apparatus, networkbased apparatus, or a combination of both.

As another example, an ambient service profile for a transaction serviceprovider can include that service provider's domain or web site as anallowed destination. However, there are often inline advertisementsprovided by ad servers and/or partner sites that should also be includedin the set of allowed destinations in the ambient service profile, andthese are often dynamic or frequently changing. As another example, anambient service provider may not want to allow access to sites thattypically involve relatively high data usage (e.g., streaming and/ordownloading of video content), while allowing other sites that result inless bandwidth intensive service usage activities. As another example,during a session a user may attempt to surf out of the ambient service,such as when the user attempts to access a website or service that isnot an allowed or pre-approved destination in the ambient serviceprofile (e.g., a search site can be the pre-approved ambient service,but the ambient service partner paying for the search service access maydesire to also allow and pay for user click-through to search resultsand/or advertising offers, or, for example, an ambient shopping servicesponsor may desire to also pay for click-through to vendor partnerssites to provide a purchase transaction opportunity to the user).Moreover, the defined ambient service profile quickly stagnates asvarious applications and destinations, for example, change over time oron each request/usage (e.g., new applications become available and/orweb site content and link changes occur daily if not hourly and/or aredynamically generated using well known web site techniques). Thus, whatis needed are adaptive techniques for providing an adaptive ambientservice.

Accordingly, in some embodiments, adaptive ambient services using anadaptive ambient service profile are provided. In some embodiments, aflexible and efficient adaptive ambient service control is provided byusing an intelligent element in the network that performs one or more ofthe following functions: (1) beginning with an initial list of allowableambient service device access behaviors (e.g., addresses/URLs,applications and/or content types, in some cases, with a set of trafficcontrol policies that are differentiated as discussed above), (2) as theuser accesses the ambient service, determine if the access behavior ofthe device is within or outside of the desired ambient service accessand/or traffic control policies (e.g., determine if the access behavioris properly associated with the desired ambient services and/or servicepolicies), (3) for those access behaviors that are within the desiredambient service policies, expand the list of allowable ambient servicedevice access behaviors to include the new behaviors that are desiredand/or preferred (e.g., new sub-domains, advertising content sources,transaction partner addresses, and/or desired surf-outs), (4) for thosedevice access behaviors that are outside of the desired/preferredambient service policies (e.g., are not associated or beneficiallyassociated with the desired/preferred ambient service), expand the listof blocked or differentially throttled ambient service device accessbehaviors to include the new behaviors that are undesired or lessdesired (e.g., not preferred). In some embodiments, the intelligentnetwork element used to adapt the ambient service control is included inone or more network equipment functions (e.g., service gateways,routers, charging gateways, HLRs, AAA, base station, service controller,and/or other network equipment functions). In some embodiments theintelligent network element used to adapt the ambient service control isincluded in the device and/or intermediate networking device serviceprocessor. In some embodiments, the intelligent network element used toadapt the ambient service control is included in a combination of thedevice (and/or intermediate networking device) and one or more networkequipment functions.

In some embodiments, a flexible and efficient adaptive ambient serviceis provided using a baseline (e.g., a basic starting point) of anadaptive ambient service profile that includes default or previouslydefined (e.g., by an ambient service provider, network provider, VSP, oranother entity) allowable access list and disallowed access list for theambient service, such as to various applications, destinations, sources,traffic control rules, and/or bill by account rules or a combinationthereof. In some embodiments, the ambient service profile is anautomated and a self-evolving service profile using various techniques,such as those described herein.

In some embodiments, an adaptive ambient service includes providing anambient service profile. In some embodiments, the ambient serviceprofile includes ambient service allowed access rules and ambientservice disallowed access rules. In some embodiments, the ambientservice profile further includes ambient service monitored access rules,in which access to, for example, certain applications or destinations isallowed but is considered suspect or unknown, and thus, such access ismonitored (e.g., until that application or destination is reclassifiedunder an ambient service allowed access rule or ambient servicedisallowed access rule). In some embodiments, the ambient serviceallowed/disallowed/monitored access rules include IP addresses, domains(e.g., URLs for web sites), or any other unique network destination orapplication or source identifiers. In some embodiments, the ambientservice rules provide differentiated traffic control rules. In someembodiments, the differentiated traffic control rules providedifferentiated bandwidth and/or total data transfer limits according totraffic control policy elements, such as activities associated with themain ambient service functions (e.g., the main partner website or atransaction service), activities associated with secondary ambientservice functions (e.g., a secondary surf-out website or a less desiredservice activity), activities transferring different content types,activities associated with different applications, activities based ontime of day, activities based on network busy state, activities thatrequire higher or lower QOS (Quality Of Service), and/or otheractivities.

In some embodiments, the ambient service allowed access rules and/orambient service disallowed access rules are pushed to (e.g., published,at predefined times, during low service usage times or periods of lowservice usage activities, or upon request) the device or theintermediate networking device (e.g., any type of networking devicecapable of communicating with a device and a network, including awireless network, example intermediate networking devices include afemto cell, or any network communication device that translates thewireless data received from the device to a network, such as an accessnetwork) from the network (e.g., an element in the network that securelyprovides such data, such as a service controller for the ambientservice). In some embodiments, the ambient service allowed access rulesand/or ambient service disallowed access rules are pulled by (e.g., atpredefined times, during low service usage times or periods of lowservice usage activities, or upon request) the device or theintermediate networking device from the network (e.g., an element in thenetwork that securely provides such data, such as a service controllerfor the ambient service).

In some embodiments, the device or intermediate networking deviceincludes techniques for automatically adapting the service profile basedon ambient service usage and thereby updates the ambient service allowedaccess rules, the ambient service monitored access rules, and/or ambientservice disallowed access rules locally. Device access activities thatfall into the monitored access rules are those activities that aredetermined not to be disallowed (as of that point in time) and areallowed to take place while the intelligent adaptive service elementtests the activities on the monitored access rules list to determine ifthey should be moved to the allowed access rules list, should be movedto the disallowed access rules list, or should remain on the monitoredaccess rules list for further testing and/or observation. In this way, auseful and friendly user experience can be maintained as the adaptiveambient service rules undergo “training” to accommodate dynamic changesto the ambient service sites/applications. The device or intermediatenetworking device can then periodically provide the updated ambientservice allowed access rules, ambient service monitored access rules,and/or ambient service disallowed access rules with the network usingvarious network communication techniques, such as those describedherein. In some embodiments, the device periodically synchronizes itslocally stored ambient service allowed access rules, ambient servicemonitored access rules, and/or ambient service disallowed access ruleswith the network using various network communication techniques, such asthose described herein. In some embodiments, the training for one ormore of the three lists occurs on the device. In some embodiments, thetraining for one or more of the three lists occurs in the network. Insome embodiments, the training for one or more of the three lists occurspartly on the device and partly in the network (e.g., depending, in somecases, on the device (such as the computing/memory capacity of thedevice), network bandwidth, and/or any other architecture criteria).

In some embodiments, various techniques are used for providing theadaptive ambient service. Generally, in some embodiments, a requesteduse of the ambient service is analyzed to determine its association withthe ambient service. In some embodiments, service usage traffic patternsare analyzed. In some embodiments, the requested use of the ambientservice is determined to be associated or within the ambient service byquerying the ambient service (e.g., a server or network function forassisting in managing the ambient service/ambient service profile(s)and/or responding to such ambient service confirmation queries). In someembodiments, the requested used of the service is analyzed by testingthe requested application, destination, and/or source. In someembodiments, access for an activity not already on the allowed list orthe disallowed list is initially allowed (and in some embodiments,placed on the monitoring list) if the access is associated with a TCPsession and/or socket already in progress that is associated with anallowed ambient service. In some embodiments, access for an activity notalready on the allowed list or the disallowed list is initially allowed(and in some embodiments, placed on the monitoring list) if the accessis associated with an application already associated with and/orconnected to an allowed ambient service. In some embodiments, access foran activity not already on the allowed list or the disallowed list isinitially allowed (and in some embodiments, placed on the monitoringlist) if the access is associated with a URL referral from an allowedURL (e.g., a URL included in an allowed list of URLs). In someembodiments, access for an activity not already on the allowed list orthe disallowed list is initially allowed (and in some embodiments,placed on the monitoring list) if the access is associated with atraffic usage pattern that is within certain pre-set/predefinedparameters and/or satisfies other criteria for the ambient service.

In some embodiments, device assisted services (DAS) techniques forproviding an activity map for classifying or categorizing service usageactivities to associate various monitored activities (e.g., by URL, bynetwork domain, by website, by network traffic type, by application orapplication type, and/or any other service usage activitycategorization/classification) with associated IP addresses areprovided. In some embodiments, a policy control agent (not shown),service monitor agent 1696, or another agent or function (orcombinations thereof) of the service processor 115 provides a DASactivity map. In some embodiments, a policy control agent, servicemonitor agent, or another agent or function (or combinations thereof) ofthe service processor provides an activity map for classifying orcategorizing service usage activities to associate various monitoredactivities (e.g., by Uniform Resource Locator (URL), by network domain,by website, by network traffic type, by application or application type,and/or any other service usage activity classification/categorization)with associated IP addresses. In some embodiments, a policy controlagent, service monitor agent, or another agent or function (orcombinations thereof) of the service processor determines the associatedIP addresses for monitored service usage activities using varioustechniques to snoop the DNS request(s) (e.g., by performing suchsnooping techniques on the device 100 the associated IP addresses can bedetermined without the need for a network request for a reverse DNSlookup). In some embodiments, a policy control agent, service monitoragent, or another agent or function (or combinations thereof) of theservice processor records and reports IP addresses or includes a DNSlookup function to report IP addresses or IP addresses and associatedURLs for monitored service usage activities. For example, a policycontrol agent, service monitor agent, or another agent or function (orcombinations thereof) of the service processor can determine theassociated IP addresses for monitored service usage activities usingvarious techniques to perform a DNS lookup function (e.g., using a localDNS cache on the monitored device 100). In some embodiments, one or moreof these techniques are used to dynamically build and maintain a DASactivity map that maps, for example, URLs to IP addresses, applicationsto IP addresses, content types to IP addresses, and/or any othercategorization/classification to IP addresses as applicable. In someembodiments, the DAS activity map is used for various DAS trafficcontrol and/or throttling techniques as described herein with respect tovarious embodiments. In some embodiments, the DAS activity map is usedto provide the user various UI related information and notificationtechniques related to service usage as described herein with respect tovarious embodiments. In some embodiments, the DAS activity map is usedto provide service usage monitoring, prediction/estimation of futureservice usage, service usage billing (e.g., bill by account and/or anyother service usage/billing categorization techniques), DAS techniquesfor ambient services usage monitoring, DAS techniques for generatingmicro-CDRs (e.g., also referred to as service usage partition, serviceusage recording partition, service charging bucket, device generatedCDRs, such as in the case where the device and not a network componentare generating the usage records, ambient usage records, specializedservice usage records, or other terms to indicate a service usage datarecord generated to provide a more refined or detailed breakdown ofservice usage for the device), and/or any of the various other DASrelated techniques as described herein with respect to variousembodiments.

In some embodiments, various techniques are used for providing theadaptive ambient service that allows for a surf-out option (e.g., to anadvertisement web site or to a web site in a search result, such as asearch engine's paid search result or a search engine's organic searchresult). In some embodiments, a surf-out option is managed using asecond set of rules in the ambient service profile for the surf-outoption. In some embodiments, initial allowance of a surf-out websiteaccess is based on a main ambient website generating the surf-out (e.g.with a user click), or referring the surf-out. In some embodiments, oncethe main ambient service creates a surf-out that will be accounted tothe main ambient service usage accounting, the surf-out website accessrules are constructed according to a set of temporary allowance rules.These temporary allowance rules allow the main ambient service partnerto sponsor the surf-out without the danger of the surf-out websitebecoming a permanent allowed ambient service that the main ambientservice partner must sponsor indefinitely. For example, the temporarysurf-out rules can then include one or more of the three access listtypes, such as an allowed access list, a disallowed access list, and amonitoring access list, as similarly discussed above, and similar typesof adaptive rules can be applied to create one or more of the lists. Insome embodiments, differences with the temporary surf-out rules includelimitations based on, for example, a total time allowed for access tothe surf-out site, rules based on limiting total data transfer ortransfer bandwidth, rules on content type, rules on either allowing ordisallowing a secondary surf-out (or beyond secondary to third tier, orthrough multiple/additional tiers/degrees of separation), and/orallowing or disallowing advertising sources. For example, as similar toother ambient access list rules, the surf-out rules can also be modifiedbased on time of day, user priority, user class, user service plan, useruseful activity points, and/or network busy state.

In some embodiments, once the content offered to the user is no longerassociated with the main ambient service allowed or monitoring accesslist, the surf-out option is limited to one or more the following: alimitation on the number of new user actions or choices; a limitation onthe number of new web pages or portal pages; a limitation on the numberof new URLs or sub-URLs, domains or sub domains; a limitation on theexistence or type of advertisements; a limitation on the existence ortype or size of certain content; a limitation on the number of newaddresses; a limitation on the type of file downloads; a limitation onthe number of file downloads; a limitation on the activities of a givenapplication; a limitation on the time for the surf-out sequence; and/ora limitation on the total data transfer for the surf-out sequence. Insome embodiments, once one or more of these established limitations isexceeded, then the surf-out sequence is disallowed or differentiallytraffic controlled or throttled in some way using, for example, thevarious techniques described herein. In some embodiments, thedifferential throttling successively reduces the allowed connectionbandwidth for the ambient service surf-out sequence based on a length oftime from the point at which the surf-out sequence branched from themain ambient service allowed or monitored/monitoring access list, thenumber of user activities since the surf-out sequence branched from themain ambient service allowed or monitored/monitoring access list, thenumber of web pages selected since the surf-out sequence branched fromthe main ambient service allowed or monitored/monitoring access list,the total data transferred since the surf-out sequence branched from themain ambient service allowed or monitored/monitoring access list, thenumber of new URLs or domains since the surf-out sequence branched fromthe main ambient service allowed or monitored/monitoring access list. Insome embodiments, after the surf-out activities or sequence isdisallowed or differentially traffic controlled or throttled, once theuser again utilizes the ambient service in a manner that is directlyassociated with the main ambient service allowed access list ormonitoring access list, and the main ambient service experience againprovides a surf-out or click through option for the same or similarsurf-out experience, then the ambient surf-out limitations, for example,can be reset, removed, reduced and/or modified so that the user canagain continue the same or similar surf-out experience. In someembodiments, the surf-out sequence is stored in an access list so thatthe surf-out sequence is remembered (e.g., stored for) the next time asimilar sequence is selected from the main ambient service allowed ormonitoring lists, and there may be differential service allowancesapplied to the surf-out sequence.

For example, there are many advantageous application settings, servicemodels and service business models for which this type of capability andvarious techniques to limit surf-out sequences and, in some cases, tothen “refresh” or remove limitations or modify the limitations for thesame or a similar surf-out sequence is valuable. An example is providedand one reasonably skilled in the art can appreciate how this can beapplied to many more examples. For example, an Internet search serviceprovider can be an ambient service partner that sponsors ambient serviceaccess to their search website. A search website is generally not ofmuch value unless the user can click-through to other web sites offeredup in user click through options based on search results. Thus, in thisexample, it is important to allow the surf-out option. In someembodiments, the search provider charges differentially for paid orsponsored search results, banners or click-throughs offered up as partof an ambient service so that, for example, the search result sponsorcan help to bear the costs of ambient access in the bill by accountsetting. However, once the user has selected a surf-out option, it isimportant to make sure the surf-out sequence does not become anunlimited access allowance for the user to then surf the Internet forany purpose as this would result in completely unlimited Internetaccess, which the search service provider and/or the search servicesponsors would be billed for. Thus, in some embodiments, it is importantto limit the “search sequence tree” so that the “branches” of thesurf-out sequence do not progress too far from the main “trunk” of themain ambient service. For example, the surf-out sequence “branches” canbe limited in many ways, and the above embodiments are provided asexamples, but at this point one skilled in the art will recognize thatmany more specific embodiments are possible, in which an aspect of manyof the embodiments described herein is the ability to identify and allowa surf-out sequence that is not on the main ambient service allowed ormonitoring list, establish a process for temporarily allowing certaintypes of surf-out sequence(s), and then properly limiting the surf-outsequence branches using various criteria and techniques.

In some embodiments, the surf-out option is implemented on a serviceprocessor (on a device and/or an intermediate networking device) withdevice assisted services. In some embodiments, the surf-out option isimplemented with a combination of a service processor and a servicecontroller. In some embodiments, the surf-out option is implemented withthe various service control and monitoring verification techniques.

In some embodiments, the surf-out option is billed to a main ambientservice provider or a secondary ambient service partner (e.g., based ona referring URL, such as that provided by a search engine for a searchresult and/or a sponsored search result). In some embodiments, thesurf-out option is restricted to the associated user session. In someembodiments, the surf-out option is restricted to the associatedapplication. In some embodiments, the surf-out option is limited bytime, data usage, or any other criteria. In some embodiments, thesurf-out option is controlled or restricted based on a user's currentstanding (e.g., good standing for service usage/billing or otherpurposes/criteria). In some embodiments, the user's standing isdetermined based on various criteria (e.g., purchase behavior, ad clickthrough behavior, user account standing, user browsing behavior, userservice data usage, reward points, or any other criteria). In someembodiments, in which a search engine is generating the click throughfor the surf-out session/activities, only sponsored search results forwhich the search provider is getting paid for displaying the searchresult are allowed in the ambient service for search out and/or, in someembodiments, only the sponsored search results are displayed at all. Insome embodiments, both sponsored search and un-sponsored search aredisplayed and allowed.

In some embodiments, there is an identifier communicated from the device(e.g., a unique application identifier, an agent header, such as in anHTML header, a cookie, such as in an HTML cookie, or a communicationhandshake sequence, or other secure token or secure handshake technique)to the ambient service provider (e.g., a web service or web site) thatidentifies the device communication traffic as being associated with anambient service. In some embodiments, the ambient service partner caninterpret the identifier to ascertain that the communication is beingsponsored within an ambient service model. In some embodiments, once theambient service partner determines that the communication is associatedwith an ambient service model, any aspect of any combination of theambient service experience, service interface (e.g., web pages or portalpages) look and feel, service interface (e.g., web pages or portalpages) complexity and/or content, offered content, content resolution,offered advertising, advertising resolution, transaction offers,transaction offer content or resolution, offered service bandwidth,total data transfer delivered, surf-out options, or other aspects of theambient service experience served up by the ambient service partner canbe tailored to optimize the offered ambient service experience. In someembodiments, the ambient service partner will optimize the offeredambient service experience in this way to reduce total bandwidthdelivered in cases for which the ambient service partner or some otherentity is paying for the ambient service access using, for example,various bill by account techniques or using other techniques.

In some embodiments, the surf-out option is associated with a token(e.g., in a request header or some other secure or encrypted token orcookie associated with the session request) for an ambient serviceprovider or ambient service partner, so that the surf-out session can bebilled to that ambient service provider or ambient service partner,respectively. In such embodiments, the ambient service web site canreceive a token request and provided that the website provides a validtoken then the access to the ambient service session is allowed. In thisway, a highly scalable ambient service system can be provided to any website service partner who subscribes to the token service. In someembodiments, user information is also included in the token request tothe web site provider, so that the web site provider can determine ifthe user is worth paying the ambient service access fees for.

In some embodiments, a token is used to identify, enable, account for,and/or establish billing for the ambient service access associated witha main ambient service and not just the surf-out sequences. In general,whenever a token enabled ambient service embodiment is discussed herein,one of ordinary skill in the art will appreciate that the token ambientservice technology can be utilized for either a main ambient service oran ambient service surf-out sequence.

In some embodiments, a proxy server or router is provided, and theambient service provider monitors, accounts, controls, and/or optimizesthe service usage through the proxy server or router (e.g., using theadaptive ambient service profile and/or any of the techniques describedherein). In some embodiments, the proxy server or router implements thevarious techniques described herein (e.g., determines if the requestedaccess is within the ambient service profile or belongs on themonitoring or disallowed lists, whether the requested access iscompliant with a surf-out option, whether the user is in good standing,whether the requested access is associated with a referring URL, adaptsone or more of the three access lists, and/or whether the requestedaccess is associated with a token for an ambient service provider orambient service provider). For example, in some embodiments, the proxyserver or router manages the secure token protocol for the surf-outoption, as described herein. In some embodiments, the proxy server orrouter manages the bill by account for the various adaptive ambientservice techniques and/or the billing of ambient serviceproviders/partners for the adaptive ambient service provided for thesurf-out option, as described herein. Each of these various techniquesis further described below.

In some embodiments, a proxy network device (e.g., a proxy server orrouter) is provided, and the ambient service (e.g., service processorand/or service controller) directs the wireless communications devicetraffic to the proxy network device. In some embodiments, a proxynetwork device facilitates the ambient service (e.g., and/or anon-ambient service), including, for example, monitoring, accounting,controlling, providing security control, and/or optimizing the serviceusage through the proxy network device (e.g., using the adaptive ambientservice profile and/or other associated service profile and/or any ofthe techniques described herein).

In some embodiments, a proxy server or router is provided (e.g., by thecentral provider, by the MVNO, or by the associated ambient serviceprovider, such as an Amazon proxy server/router, or by anotherassociated ambient service provider), and the ambient service (e.g.,service processor and/or service controller) directs the wirelesscommunications device traffic destined for the specific ambient serviceto the proxy server or router that supports that ambient service. Insome embodiments, the proxy server or router facilitates the ambientservice, including, for example, monitoring the service usage throughthe proxy server or router (e.g., to count bytes/data service usagelevels or any other relevant metric by service/activity using theadaptive ambient service profile and/or any of the techniques describedherein).

In some embodiments, a proxy server or router is provided, the serviceis initially an ambient service that a user subsequently upgrades toanother service (e.g., any form of a non-ambient service plan) and/orthe device/user initially is configured or selected another service(e.g., any form of a non-ambient service plan that provides foranother/non-ambient service(s)). In some embodiments, the service (e.g.,service processor and/or service controller) also directs the wirelesscommunications devices to the proxy server or router. In someembodiments, the proxy server or router facilitates the service,including, for example, monitoring/security control the service usagethrough the proxy server or router (e.g., to count bytes/data serviceusage levels or any other relevant metric by service/activity using theassociated service profile and/or any of the techniques describedherein). In some embodiments, the proxy server or router facilitates theservice, including, for example, monitoring, accounting, controlling,security control, and/or optimizing the service usage through the proxyserver or router (e.g., using the associated service profile and/or anyof the techniques described herein).

In some embodiments, one or more service gateways (or router), in somecases in conjunction with a charging gateway, HLR, AAA server, basestation, or other network function/element/device (any combination ofthese elements being a “gateway embodiment”), is provided, and theambient service provider monitors, accounts, controls, and/or optimizesthe service usage through a gateway embodiment (e.g., using the adaptiveambient service profile and/or any of the techniques described herein).In some embodiments, a gateway embodiment implements the varioustechniques described herein (e.g., determines if the requested access iswithin the ambient service profile or belongs on the monitoring ordisallowed lists, whether the requested access is compliant with asurf-out option, whether the user is in good standing, whether therequested access is associated with a referring URL, adapts one or moreof the three access lists, and/or whether the requested access isassociated with a token for an ambient service provider or ambientservice provider). For example, in some embodiments, a gatewayembodiment manages the secure token protocol for the surf-out option, asdescribed herein. In some embodiments, a gateway embodiment manages thebill by account for the various adaptive ambient service techniquesand/or the billing of ambient service providers/partners for theadaptive ambient service provided for the surf-out option, as describedherein. Each of these various techniques is further described below.

In some embodiments, an adaptive ambient service includes implementingan ambient service profile for assisting control of a communicationsdevice use of an ambient service on a wireless network, in which theambient service profile includes various service policy settings, and inwhich the ambient service profile is associated with an ambient serviceplan that provides for initial access to the ambient service withlimited service capabilities prior to activation of a new service plan;monitoring use of the ambient service based on the ambient serviceprofile; and adapting the ambient service profile based on the monitoreduse of the ambient service. In some embodiments, these techniques areperformed by the communications device (e.g., using a serviceprocessor), a network element/function (e.g., using a servicecontroller, proxy server, and/or other networkelements/functions/devices), and/or an intermediate networkingcommunications device and, in some embodiments in various combinationswith each other and/or with other functions/elements on the network/incommunication with the network. In some embodiments, the service policysettings include one or more of the following: access control settings,traffic control settings, billing system settings, user notificationwith acknowledgement settings, user notification with synchronizedservice usage information, user privacy settings, user preferencesettings, authentication settings, admission control settings,application access settings, content access settings, transactionsettings, and network or device management communication settings.

In some embodiments, the ambient service profile is implemented at leastin part by a proxy server, in which the monitored use of the ambientservice based on the ambient service profile is performed at least inpart by the proxy server, and in which the proxy server communicates theambient service traffic to the communications device. In someembodiments, the ambient service plan allows for access to the ambientservice with limited service capabilities that are limited based on oneor more of the following: period of time, network address, service type,content type, application type, QOS class, time of day, network capacity(e.g., network busy state), bandwidth, and data usage. In someembodiments, the ambient service plan is a low cost or free trialservice plan that is bundled or provided as an option for purchase at apoint of sale of the communications device. In some embodiments, thecommunications device is activated prior to a point of sale of thecommunications device, and the ambient service plan is associated withthe communications device during activation. In some embodiments, theambient service plan is associated with the communications device duringone or more of the following: a manufacture of the communicationsdevice, a distribution of the communications device, or a point of saleof the communications device. In some embodiments, the ambient serviceplan includes an option to purchase a new service plan for thecommunications device, in which the new service plan includes additionalservice capabilities. In some embodiments, the ambient service profileis programmable by one or more of the following: a manufacturer, aservice provider, a distributor, a virtual service provider, and adevice manager.

In some embodiments, the ambient service is a transaction based service,in which service usage for the ambient service by the communicationsdevice is not billed, and in which electronic commerce basedtransactions performed using the communications device are billed astransaction based charges. In some embodiments, the ambient service is atransaction based service, in which electronic commerce basedtransactions performed using the communications device are billed astransaction based charges, and in which at least a portion of serviceusage costs are billed to one or more of the following: an advertiser, atransaction provider, a mobile virtual network operator, a virtualservice provider, and an ambient service provider.

In some embodiments, the communications device is a mobilecommunications device or an intermediate networking device, and theambient service includes one or more Internet based services. In someembodiments, the communications device is a mobile communicationsdevice, and the ambient service includes one or more Internet basedservices, and the mobile communications device includes one or more ofthe following: a mobile phone, a PDA, an eBook reader, a music device,an entertainment/gaming device, a computer, laptop, a netbook, a tablet,and a home networking system. In some embodiments, the communicationsdevice includes a modem, and the processor is located in the modem.

In some embodiments, the implementation of the first service profile isverified based on one or more of the following: device based serviceusage information and network based service usage information. In someembodiments, the ambient service profile is adapted and/or updated basedon updates received from the network.

FIG. 1 illustrates a wireless network architecture for providingadaptive ambient service in accordance with some embodiments. As shown,FIG. 1 includes a 4G/3G/2G wireless network operated by, for example, acentral provider. As shown, various wireless devices 100 are incommunication with base stations 125 for wireless network communicationwith the wireless network, and other devices 100 are in communicationwith Wi-Fi Access Points (APs) or Mesh 702 for wireless communication toWi-Fi Access CPE 704 in communication with central provider accessnetwork 109. In some embodiments, each of the wireless devices 100includes a service processor 115 (as shown), and each service processorconnects through a secure control plane link to a service controller122. In some embodiments, the network based service usage information(e.g., network based CDRs) is obtained from one or more network elementsand/or assisted by device based service usage information (e.g., deviceassisted CDRs). As shown, an MVNO core network 210 also includes a CDRstorage, aggregation, mediation, feed 118, a MVNO billing interface 122,and a MVNO billing system 123 (and other network elements as shown inFIG. 1 ). Those of ordinary skill in the art will appreciate thatvarious other network architectures can be used for providing adaptiveambient services, and FIG. 1 is illustrative of just one such examplenetwork architecture for providing the adaptive ambient servicetechniques described herein.

In some embodiments, the various techniques for adaptive ambientservices are performed (e.g., at least in part) on the device (e.g.,device 100) and/or on an intermediate networking device (e.g., using aservice processor 115 and an ambient service profile). For example, thevarious techniques for adaptive ambient services can be performed on aprocessor of the device, and the ambient service profile can be securelystored locally on the device using various techniques for secureexecution and storage.

In some embodiments, the various techniques for adaptive ambientservices are performed on the device or on the intermediate networkingdevice with assistance or verification from the network (e.g., a servicecontroller 122 executed on any network element, in which the servicecontroller 122 is in secure communication with the device/intermediatenetworking device, including the service processor 115 executed on thedevice/intermediate networking device). In some embodiments, adaptiveambient services are performed on the device or on the intermediatenetworking device with assistance or verification from the network(e.g., using a service controller for maintaining a centralized set ofambient service allowed access rules and/or ambient service disallowedaccess rules, and a superset of all ambient service monitored accessrules, working cross device population). In some embodiments, theservice controller 122 or other network element(s) assist the device forimplementing these techniques for adaptive ambient services (e.g., crossdevice, cross URL/domain usage patterns/monitoring, publishingcentralized set of ambient service allowed access rules, ambient servicemonitored access rules, and/or ambient service disallowed access rules,including, for example, compromised and/or hacked URLs). In someembodiments, the service controller 122 or other network element(s)assist the device for implementing these techniques for adaptive ambientservices by verifying the device maintained set of ambient serviceallowed access rules, ambient service monitored access rules, and/orambient service disallowed access rules. In some embodiments, theservice controller 122 or other network element(s) assist the device forimplementing these techniques for adaptive ambient services by verifyingthe device monitored service usage with CDR service usage using varioustechniques, for example, such as those described herein. In someembodiments, the service controller 122 or other network element(s)assist the device for implementing these techniques for adaptive ambientservices by verifying the device monitored service usage by IP address(e.g., using CDR by traffic destination).

In some embodiments the various techniques for adaptive ambient servicesare performed on the network (e.g., a gateway, router or any othernetwork element using, for example, deep packet inspection (DPI) on themonitored (non-encrypted) network traffic).

As shown in FIG. 1 , a CDR storage, aggregation, mediation, feed 118(e.g., service usage 118, including a billing aggregation data store andrules engine) is a functional descriptor for, in some embodiments, adevice/network level service usage information collection, aggregation,mediation, and reporting function located in one or more of thenetworking equipment boxes attached to one or more of the sub-networksshown in FIG. 1 (e.g., central provider access network 109 and/orcentral provider core network 110), which is in communication with theservice controller 122, and a central billing interface 127. As shown inFIG. 1 , service usage 118 is shown as a function in communication withthe central provider core network 110. In some embodiments, the CDRstorage, aggregation, mediation, feed 118 function is located elsewherein the network or partially located in elsewhere or integrated with/aspart of other network elements. In some embodiments, CDR storage,aggregation, mediation, feed 118 functionality is located or partiallylocated in the AAA server 121 and/or the mobile wireless center/HomeLocation Register (HLR) 132 (as shown, in communication with a DNS/DHCPserver 126). In some embodiments, service usage 118 functionality islocated or partially located in the base station, base stationcontroller and/or base station aggregator, collectively referred to asbase station 125 in FIG. 1 . In some embodiments, CDR storage,aggregation, mediation, feed 118 functionality is located or partiallylocated in a networking component in the central provider access network109, a networking component in the core network 110, the central billingsystem 123, the central billing interface 127, and/or in another networkcomponent or function. This discussion on the possible locations for thenetwork based and device based service usage information collection,aggregation, mediation, and reporting function (e.g., CDR storage,aggregation, mediation, feed 118) can be generalized as described hereinand as shown in the other figures described herein as would be apparentto one of ordinary skill in the art. Also as shown in FIG. 1 , theservice controller 122 is in communication with the central billinginterface 123 (also sometimes referred to as the external billingmanagement interface or billing communication interface) 127, which isin communication with the central billing system 123. As shown, an ordermanagement 180 and subscriber management 182 are also in communicationwith the central provider core network 110 for facilitating order andsubscriber management of services for the devices 100 in accordance withsome embodiments.

In some embodiments, the CDR storage, aggregation, mediation, feed 118(and/or other network elements or combinations of network elements)provides a device/network level service usage information collection,aggregation, mediation, and reporting function. In some embodiments, theCDR storage, aggregation, mediation, feed 118 (and/or other networkelements or combinations of network elements) collects device generatedusage information for one or more devices on the wireless network (e.g.,devices 100); and provides the device generated usage information in asyntax and a communication protocol that can be used by the wirelessnetwork to augment or replace network generated usage information forthe one or more devices on the wireless network. In some embodiments,the syntax is a charging data record (CDR), and the communicationprotocol is selected from one or more of the following: 3GPP, 3GPP2, orother communication protocols. In some embodiments, the CDR storage,aggregation, mediation, feed 118 (and/or other network elements orcombinations of network elements) includes a service usage data store(e.g., a billing aggregator) and a rules engine for aggregating thecollected device generated usage information. In some embodiments, thesyntax is a charging data record (CDR), and the network device is a CDRfeed aggregator, and the CDR storage, aggregation, mediation, feed 118(and/or other network elements or combinations of network elements) alsoaggregates CDRs for the one or more devices on the wireless network;applies a set of rules to the aggregated CDRs using a rules engine(e.g., bill by account, transactional billing, and/or any other billingor other rules for service usage information collection, aggregation,mediation, and reporting), and communicates a new set of CDRs for theone or more devices on the wireless network to a billing interface or abilling system (e.g., providing a CDR with a billing offset byaccount/service). In some embodiments, the CDR storage, aggregation,mediation, feed 118 (and/or other network elements or combinations ofnetwork elements) communicates a new set of CDRs for the one or moredevices on the wireless network to a billing interface or a billingsystem. In some embodiments, the CDR storage, aggregation, mediation,feed 118 (and/or other network elements or combinations of networkelements) communicates with a service controller to collect the devicegenerated usage information for the one or more devices on the wirelessnetwork. In some embodiments, the CDR storage, aggregation, mediation,feed 118 (and/or other network elements or combinations of networkelements) communicates with a service controller, in which the servicecontroller is in communication with a billing interface or a billingsystem. In some embodiments, the CDR storage, aggregation, mediation,feed 118 (and/or other network elements or combinations of networkelements) communicates the device generated usage information to abilling interface or a billing system. In some embodiments, the CDRstorage, aggregation, mediation, feed (and/or other network elements orcombinations of network elements) communicates with a transport gatewayand/or a Radio Access Network (RAN) gateway to collect the networkgenerated usage information for the one or more devices on the wirelessnetwork. In some embodiments, the service controller 122 communicatesthe device generated service usage information to the CDR storage,aggregation, mediation, feed 118 (and/or other network elements orcombinations of network elements).

In some embodiments, the CDR storage, aggregation, mediation, feed 118(and/or other network elements or combinations of network elements)performs rules for performing a bill by account aggregation andmediation function. In some embodiments, the service controller 122 incommunication with the CDR storage, aggregation, mediation, feed 118(and/or other network elements or combinations of network elements)performs a rules engine for aggregating and mediating the devicegenerated usage information. In some embodiments, a rules engine devicein communication with the CDR storage, aggregation, mediation, feed 118(and/or other network elements or combinations of network elements)performs a rules engine for aggregating and mediating the devicegenerated usage information.

In some embodiments, the rules engine is included in (e.g., integratedwith/part of) the CDR storage, aggregation, mediation, feed 118. In someembodiments, the rules engine and associated functions, as discussedherein, is a separate function/device. In some embodiments, the servicecontroller 122 performs some or all of these rules engine basedfunctions, as discussed herein, and communicates with the centralbilling interface 127. In some embodiments, the service controller 122performs some or all of these rules engine based functions, as discussedherein, and communicates with the central billing system 123.

In some embodiments, duplicate CDRs are sent from the network equipmentto the billing system 123 that is used for generating service billing.In some embodiments, duplicate CDRs are filtered to send only thoseCDRs/records for devices controlled by the service controller and/orservice processor (e.g., the managed devices). For example, thisapproach can provide for the same level of reporting, lower level ofreporting, and/or higher level of reporting as compared to the reportingrequired by the central billing system 123.

In some embodiments, a bill-by-account billing offset is provided. Forexample, bill-by-account billing offset information can be informed tothe central billing system 123 by providing a CDR aggregator feed thataggregates the device based service usage data feed to provide a new setof CDRs for the managed devices to the central billing interface 127and/or the central billing system 123. In some embodiments, transactionbilling is provided using similar techniques. For example, transactionbilling log information can be provided to the central billing interface127 and/or the central billing system 123.

In some embodiments, the rules engine (e.g., performed by the serviceusage 118 or another network element, as described herein) provides abill-by-account billing offset. For example, device generated serviceusage information (e.g., device assisted charging data records (CDRs))includes a transaction type field (e.g., indicating a type of servicefor the associated service usage information). The rules engine canapply a rule or a set of rules based on the identified serviceassociated with the device generated usage information to determine abill-by-account billing offset (e.g., a new CDR can be generated toprovide the determined bill-by-account billing offset). For example, thedetermined bill-by-account billing offset can be provided as a credit tothe user's service usage account (e.g., a new CDR can be generated witha negative offset for the user's service usage account, such as fornetwork chatter service usage, or transactional service usage, or forany other purposes based on one or more rules performed by the rulesengine).

As another example, for a transactional service, a first new CDR can begenerated with a negative offset for the user's service usage accountfor that transactional service related usage, and a second new CDR canbe generated with a positive service usage value to charge that sameservice usage to the transactional service provider (e.g., Amazon, eBay,or another transactional service provider). In some embodiments, theservice controller 122 generates these two new CDRs, and the serviceusage 118 stores, aggregates, and communicates these two new CDRs to thecentral billing interface 127. In some embodiments, the servicecontroller 122 generates these two new CDRs, and the service usage 118stores, aggregates, and communicates these two new CDRs to the centralbilling interface 127, in which the central billing interface 127applies rules (e.g., performs the rules engine for determining thebill-by-account billing offset).

In some embodiments, the service controller 122 sends the devicegenerated CDRs to the rules engine (e.g., service usage 118), and therules engine applies one or more rules, such as those described hereinand/or any other billing/service usage related rules as would beapparent to one of ordinary skill in the art. In some embodiments, theservice controller 122 generates CDRs similar to other network elements,and the rules (e.g., bill-by-account) are performed in the centralbilling interface 127. For example, for the service controller 122 togenerate CDRs similar to other network elements, in some embodiments,the service controller 122 is provisioned on the wireless network andbehaves substantially similar to other CDR generators on the network) aswould be apparent to one of ordinary skill in the art.

In some embodiments, the service controller 122 is provisioned as a newtype of networking function that is recognized as a valid and securesource for CDRs by the other necessary elements in the network (e.g.,the Service Usage History/CDR Aggregation and Mediation Server 118). Insome embodiments, where the network necessary apparatus will onlyrecognize CDRs from certain types of networking equipment (e.g. RANGateway 410 or Transport Gateway 420), then the Service Controller 122can provide authentication credentials to the other networking equipmentthat indicate it is one of the approved types of equipment. In someembodiments, the link between the Service Controller 122 and thenecessary CDR aggregation and mediation equipment is secured,authenticated, encrypted and/or signed.

In some embodiments, the CDR storage, aggregation, mediation, feed 118discards the network based service usage information (e.g., networkbased CDRs) received from one or more network elements. In theseembodiments, the service controller 122 can provide the device basedservice usage information (e.g., device assisted/based CDRs) to the CDRstorage, aggregation, mediation, feed 118 (e.g., the CDR storage,aggregation, mediation, feed 118 can just provide a store, aggregate,and communication function(s)), and the device based service usageinformation is provided to the central billing interface 127 or thecentral billing system 123.

In some embodiments, the device assisted/based CDRs and/or new CDRsgenerated based on execution of a rules engine as described herein isprovided only for devices that are managed and/or based on device group,service plan, or any other criteria, categorization, and/or grouping,such as based on ambient service or ambient service provider.

FIG. 2 illustrates a wireless network architecture for providingadaptive ambient service including a proxy server in accordance withsome embodiments. As shown, FIG. 2 includes a proxy server 270 incommunication with a 4G/3G/2G wireless network operated by, for example,a central provider. In some embodiments, each of the wireless devices100 includes a service processor 115 (as shown), and each serviceprocessor connects through a secure control plane link to a servicecontroller 122. In some embodiments, the network based service usageinformation (e.g., CDRs) is obtained from Radio Access Network (RAN)gateway(s) 410 and/or transport gateway(s) 420.

Referring now to the 4G/3G/2G access network as shown in FIG. 2 , the4G/3G and 3G/2G base stations/nodes 125 are in communication with a4G/3G/2G Radio Access Network (RAN) gateway 410 via a radio accessnetwork 405, which are in communication with a 4G/3G/2G transportgateway 420 via an access transport network 415. The central providercore network 110 is in network communication with the access transportnetwork 415 (e.g., via a dedicated/leased line, and as shown, via afirewall 124). The Internet 120 is available via a firewall 124 and thetransport gateway(s) 420, as shown. Also, as shown, a network apparatusprovisioning system 160, order management 180, and subscriber management182 are in communication with the central provider core network 110. Asshown, a AAA server 121, a mobile wireless center/Home Location Register(HLR) 132, a DNS/DHCP 126, and CDR storage, aggregation, mediation, feed118 are also in communication with the access transport network 415. Thecentral billing system 123 and the central billing interface 127 areshown in communication with the central provider core network 110.

In some embodiments, the various techniques for adaptive ambientservices are performed using the proxy server 270. For example, theambient service provider can provide the proxy server 270, and theambient service provider monitors, accounts, controls, and/or optimizesthe service usage through the proxy server 270 (e.g., using the adaptiveambient service profile and/or any of the techniques described herein).In some embodiments, the central service provider provides the proxyserver 270, and the ambient service provider is provided access tomonitor, account, control, and/or optimize the service usage through theproxy server 270 (e.g., using the adaptive ambient service profileand/or any of the techniques described herein).

FIG. 3 illustrates a flow diagram for providing adaptive ambient servicein accordance with some embodiments. At 302, the process for an adaptiveambient service begins. At 304, whether a requested access is within theambient service profile, such as within the ambient service allowedaccess rules, the ambient service monitoring access rules, and/orambient service disallowed access rules, is determined. At 306, if therequested access is within the ambient service profile, then theappropriate rule is applied, such as the appropriate ambient serviceallowed access rule, ambient service monitoring access rule, and/orambient service disallowed access rule. At 308, if not (e.g., therequested access is not within the ambient service profile, such as notcategorized within any of the ambient service profile rules), thencategorize the requested access as a monitored access. In someembodiments, a requested access that is not otherwise known orcategorized in the ambient service profile, is allowed and thenmonitored (e.g., trusted and then verified through monitoring and othertechniques, such as the various other techniques described herein). At310, if the requested access is categorized as monitored access, thenallow the requested access and monitor the requested access. At 312,determine whether the requested access can now be added or blocked basedon the monitored access. At 314, if the requested access can now beblocked, then block the requested access and update the ambient serviceprofile accordingly (e.g., add the requested access to the ambientservice blocked access rules). Similarly, if the requested access cannow be added, then continue to allow the requested access and update theambient service profile accordingly (e.g., add the requested access tothe ambient service allowed access rules). At 316, determine whether tocontinue to monitor the requested access (e.g., if the requested accessis still in progress, and the requested access has not been otherwisecategorized as allowed or blocked ambient service access, then continueto monitor), and if so, continue to monitor the requested access at 318(e.g., if and until a determination of whether to allow and/or blocksuch access using the various techniques described herein). At 320, theprocess is repeated for the next requested access. At 322, the processis completed.

FIG. 4 illustrates another flow diagram for providing adaptive ambientservice in accordance with some embodiments. At 402, the process for anadaptive ambient service begins. At 404, whether a requested access isassociated with the ambient service is determined. As described hereinwith respect to FIG. 4 , there are various techniques for testing theassociation of the requested access with the ambient service. Forexample, at 406, whether the requested access is within the ambientservice profile, such as within the ambient service allowed accessrules, the ambient service monitoring access rules (also sometimesreferred to herein as monitored access rules), and/or ambient servicedisallowed access rules, is determined. At 408, whether the requestedaccess to an application is tested to determine whether the applicationis associated with the ambient service and whether the application iscurrently executing. At 410, whether the requested access is within thesame traffic flow as other ambient services traffic is determined (e.g.,using various device based, device assisted and/or network based (suchas DPI) traffic monitoring techniques). Various other techniques canalso be employed for testing the association of the requested accesswith the ambient service. For example, incoming traffic can be tagged(e.g., using a referred URL or an HREF or an IMAGE HTML tag); and/or thedomain object management (DOM) tree can be analyzed to determine a linksmodel of a requested web page or other techniques can be utilized todetermine the links model of the requested web page. As another example,the content of the requested access (e.g., web page content) can beanalyzed to determine if it is associated with the ambient service(e.g., using various content relevancy techniques). As another example,a reverse lookup to the requested network destination (e.g., URL,associated domain, sub-domain, ad server domain, or other destination orsource) can be determined to test the association of the requestedaccess with the ambient service. At 412, based on the above testing ofthe association of the requested access with the ambient service,determine whether the requested access can now be added or blocked basedon the monitored access. At 414, if the requested access can now beblocked, then block the requested access and update the ambient serviceprofile accordingly (e.g., add the requested access to the ambientservice blocked access rules). Similarly, if the requested access cannow be added, then continue to allow the requested access and update theambient service profile accordingly (e.g., add the requested access tothe ambient service allowed access rules). At 416, determine whether tocontinue to monitor/test the association of the requested access withthe ambient service (e.g., if the requested access is still in progress,and the requested access has not been otherwise categorized as allowedor blocked ambient service access, then continue to perform the testinganalysis), and if so, continue to perform the monitor/testing analysisof the requested access at 418. At 420, the process is repeated for thenext requested access. At 422, the process is completed.

FIG. 5 illustrates another flow diagram for providing adaptive ambientservice in accordance with some embodiments. At 502, the process for anadaptive ambient service begins. At 504, traffic patterns of ambientservice usage are analyzed. As described herein with respect to FIG. 5 ,there are various techniques for testing and analyzing the ambientservice usage traffic patterns to determine whether the access should beallowed, blocked, or is otherwise deemed suspicious or otherwise notknown/categorized, and thus, should be monitored (e.g., using themonitoring access rules). For example, at 506, expected ambient serviceusage is compared with the actual ambient service usage (e.g., usingvarious ambient service usage monitoring techniques, as described hereinand/or using other techniques). In some embodiments, the expected versusactual ambient service usage is analyzed and can be further categorizedas described below. At 508, the ambient service traffic usage isanalyzed and categorized. In some embodiments, the ambient servicetraffic usage is categorized by one or more of the following: totaltraffic, by application, by destination (e.g., URL, domain, sub-domain,or other unique identifier), by traffic flow, by network socket, by timeof day, by ambient service profile categorization (e.g., ambient serviceallowed access, ambient service monitored access, and/or ambient serviceblocked/disallowed access rules), by web browsing traffic patterns, bycontent download patterns, and/or using any other categorizations orpatterns. In some embodiments, the ambient service traffic usage isaggregated (e.g., across user or user group), and statistical analysistechniques are used to identify categories of allowable or suspect orshould be disallowed access service usage requests/patterns (e.g., veryinfrequently requested access for high data bandwidth ambient serviceusage can be deemed suspect or automatically categorized as disallowed).At 510, the ambient service traffic usage is correlated with variousambient traffic profiles. For example, buying patterns can be correlatedwith content download patterns (e.g., a power use categorization versusa seldom/never purchases user categorization can be used to providedifferent ambient service profiles and/or throttling techniques based onsuch categorizations for the various ambient service users).

Various other techniques can also be employed for testing the ambientservice usage traffic to provide adaptive ambient services as will nowbe apparent to one of ordinary skill in the art in view of theembodiments and examples described herein. At 512, based on the abovetesting of the association of the requested access with the ambientservice, determine whether the requested access can now be added orblocked based on the monitored access. At 514, if the requested accesscan now be blocked, then block the requested access and update theambient service profile accordingly (e.g., add the requested access tothe ambient service blocked access rules). Similarly, if the requestedaccess can now be added, then continue to allow the requested access andupdate the ambient service profile accordingly (e.g., add the requestedaccess to the ambient service allowed access rules). At 516, determinewhether to continue to monitor/test the association of the requestedaccess with the ambient service (e.g., if the requested access is stillin progress, and the requested access has not been otherwise categorizedas allowed or blocked ambient service access, then continue to performthe testing analysis), and if so, continue to perform themonitor/testing analysis of the requested access at 518. At 520, theprocess is repeated for the next requested access. At 522, the processis completed.

FIG. 6 illustrates another flow diagram for providing adaptive ambientservice in accordance with some embodiments. In some embodiments, acombination of various techniques are used for providing adaptiveambient services, such as those described below with respect to FIG. 6 .In some embodiments, a subset of these various techniques are employedusing various combinations of such techniques or individual techniques.At 602, the process for an adaptive ambient service begins. At 604,whether a requested access is associated with the ambient service isdetermined (e.g., as similarly described above with respect to FIG. 4 ).At 606, the ambient service usage is analyzed (e.g., as similarlydescribed above with respect to FIG. 5 ). At 608, the ambient service isqueried to verify the requested access (e.g., if the requested access isnot in the ambient service profile or otherwise suspicious or covered bya monitored access rule, then the ambient service can be queried formore information as to whether this requested access is associated withthe ambient service usage or should otherwise be allowed). In someembodiments, various requested accesses can be allowed for certain usersor for certain requests to allow for monitoring or testing but deniedfor other users/requests. In some embodiments, the device orintermediate networking device based ambient service profile settings(e.g., local ambient service profile rules, categorizations, settings,and/or other data) are provided to the ambient service provider forfurther analysis and to correlate various access requests with theambient service (e.g., monitored access requests can be confirmed asapproved or not, that is associated with the ambient service orotherwise permissible, or not, as deemed by the ambient service providerusing various techniques). At 610, the source of the requested access isanalyzed. In some embodiments, the source of the requested access isitself tested using various techniques (e.g., search engine/web crawlertechniques or DOM techniques to determine whether certain web basedrequests are associated with the ambient service; or to verify with asecondary source such as an ad server; or to verify ownership of certainnetwork domains by the ambient service provider or associatedadvertiser).

Various other techniques can also be employed for providing adaptiveambient services as will now be apparent to one of ordinary skill in theart in view of the embodiments and examples described herein. At 612,based on the above testing of the association of the requested accesswith the ambient service, determine whether the requested access can nowbe added or blocked based on the monitored access. At 614, if therequested access can now be blocked, then block the requested access andupdate the ambient service profile accordingly (e.g., add the requestedaccess to the ambient service blocked access rules). Similarly, if therequested access can now be added, then continue to allow the requestedaccess and update the ambient service profile accordingly (e.g., add therequested access to the ambient service allowed access rules). At 616,determine whether to continue to monitor/test the association of therequested access with the ambient service (e.g., if the requested accessis still in progress, and the requested access has not been otherwisecategorized as allowed or blocked ambient service access, then continueto perform the testing analysis), and if so, continue to perform themonitor/testing analysis of the requested access at 618. At 620, theprocess is repeated for the next requested access. At 622, the processis completed.

FIG. 7 illustrates a flow diagram for providing adaptive ambient servicefor a surf-out option in accordance with some embodiments. At 702, theprocess for an adaptive ambient service begins. At 704, whether arequested access is associated with the ambient service is determined.As described herein with respect to FIG. 7 , there are varioustechniques for testing the association of the requested access with theambient service. For example, at 706, whether the requested access iswithin the ambient service profile, such as within the ambient serviceallowed access rules, the ambient service monitored access rules, and/orambient service disallowed access rules, is determined. At 708, whetherthe requested access to an application is tested to determine whetherthe application is associated with the ambient service and whether theapplication is currently executing. At 710, whether the requested accessis within a surf-out option is determined (e.g., using various surf-outoption based techniques as described herein). At 712, based on thedetermination of the association of the requested access with theambient service (e.g., using various association techniques, asdescribed herein), determine whether the requested access can now beadded or blocked based on the monitored access. At 714, if the requestedaccess can now be blocked, then block the requested access and updatethe ambient service profile accordingly (e.g., add the requested accessto the ambient service blocked access rules). Similarly, if therequested access can now be added, then continue to allow the requestedaccess and update the ambient service profile accordingly (e.g., add therequested access to the ambient service allowed access rules). At 716,determine whether to continue to monitor/test the association of therequested access with the ambient service (e.g., if the requested accessis still in progress, and the requested access has not been otherwisecategorized as allowed or blocked ambient service access, then continueto perform the testing analysis), and if so, continue to perform themonitor/testing analysis of the requested access at 718. At 720, theprocess is repeated for the next requested access. At 722, the processis completed.

In some embodiments, it may not be possible to accurately identify everynetwork service access attempt or service usage (e.g., or trafficaccess) as belonging to a given service usage partition (e.g., a givenambient service usage, background network chatter usage, user serviceplan usage, emergency service usage, and/or other type of serviceusage). As used herein, the terms service usage partition, service usagerecording partition, service charging bucket, and micro-CDRs are usedinterchangeably. Accordingly, it is desirable to provide a servicecharging bucket for traffic that is allowed and not definitivelyidentified as belonging to a known service charging bucket. This allowsfor techniques to employ an “allow but verify” approach to traffic thatis likely to be legitimately associated with an ambient service or auser service or a network service that is intended to be allowed, but isnot definitively identified as being associated with an allowed service.

As an example, there may be a web site access associated with an ambientservice that does not have a reference identifier or other trafficparameter that allows the service processor to associate it with thecorrect ambient service. In this case, a set of rules can be applied todetermine if it is likely that the web site access is a legitimateaccess given the access control policies that are in place, and if it isthe access can be allowed and the traffic usage either recorded in theambient service charging bucket that it is suspected to be associatedwith, or the traffic usage can be charged to a network chatter serviceusage bucket, or the traffic usage can be charged to the user serviceusage bucket, or the traffic usage may be recorded in a “not classifiedbut allowed” service charging bucket. In some embodiments, in which suchtraffic is charged to the “not classified but allowed” service usagecharging bucket, additional verification measures are employed to ensurethat the amount of traffic that is not classified but allowed does notgrow too large or become a back-door for service usage errors. Forexample, the access control policy rules for allowing unclassifiedtraffic can be relatively loose as long as the amount of service usagecharges accumulating in the not classified charging bucket remainswithin certain bounds, and/or the rate of service usage charged to thenot classified bucket remains within certain bounds, but if the notclassified traffic becomes large or the rate of not classified trafficgrowth becomes large then the rules governing when to allow notclassified traffic can be tightened.

As another example, a browser application can access a web site that isknown to be an ambient service website, and that web site might serveback a series of traffic flows, some of which are associated with theambient service website through URL identifiers that are known to bepart of the website, and other traffic can be associated with theambient service website by virtue of a referring website tag or header,and some traffic can be returned to the same application with arelatively close time proximity to the other traffic as being identifiedas ambient traffic. In this example, as long as the not classifiedtraffic service charging bucket does not exceed a given pre-set policylimit on its size, and/or does not grow faster than a given pre-setpolicy rate, and/or is received within a certain pre-set policy periodof time difference from the time that other ambient service chargingbucket traffic is received, then the not classified traffic is continuedto be allowed. However, if the not classified traffic amount or rate ofgrowth exceeds the pre-set policy limits, or if the period of timebetween when verified ambient service traffic is received and the notclassified traffic is received exceeds policy limits, then the notclassified traffic can be blocked or other action can be taken tofurther analyze the not classified traffic.

In some embodiments, it is important to provide a hierarchy of serviceusage charging rules for the various service usage partitions on adevice. As an example, for a given service plan there can be two ambientservice charging buckets, a network chatter (e.g., or network overhead)service charging bucket, and a user service plan service charging bucketand it is desirable to make sure that no ambient services or networkoverhead service or unclassified service is charged to the user serviceplan, and it is also desirable to ensure that all known ambient servicetraffic is charged to the appropriate ambient service partner, and it isdesirable to ensure that no network overhead service or unclassifiedservice is charged to ambient service partners. In such situations, aservice charging bucket hierarchy can be provided as follows: determineif a traffic flow (e.g., or socket) is associated with network overhead,and if so allow it and charge that service bucket, then determine if atraffic flow (or socket) is associated with ambient service #1, and ifso allow it and charge that service bucket, then determine if a trafficflow (or socket) is associated with ambient service #2, and if so allowit and charge that service bucket, then determine if a traffic flow (orsocket) is associated with not classified traffic, and if so allow itand charge that service bucket, then if the traffic is not associatedwith any of the above service charging buckets allow it and charge it tothe user service plan charging bucket. In another example, if the userhas not yet chosen to pay for a user service plan, then the samehierarchical access control and service charging policy can be usedexcept the final step would be: then if the traffic is not associatedwith any of the above service charging buckets block the traffic.Hierarchical service charging bucket identification such as depicted inthese examples can be a crucial aspect of a robust access control policyand/or service charging policy system. Many other access control policyhierarchies and service charging bucket policy hierarchies will now beapparent to one of ordinary skill in the art.

In some embodiments, the not classified traffic is charged according toservice charging rules that rely on the most likely candidate servicecharging bucket for the traffic. As another example, if the notclassified traffic is being delivered to the same application as otherknown ambient service traffic and the time difference between deliveryof the known ambient service traffic and the not classified traffic issmall, then the not classified traffic can be charged to the ambientservice in accordance with a pre-set charging policy rule specifyingthese conditions. Other embodiments that will now be apparent to one ofordinary skill in the art. For example, another charging rule for notclassified traffic could be to perform a pro-rata allocation of the notclassified traffic to all of the other service charging buckets with thepro-rata allocation being based on the percentage of the total trafficused by the device for each service charging bucket. As another example,the not classified traffic can be charged to a subset of the servicecharging buckets for the device (e.g., all ambient services plus thenetwork overhead service) in accordance with the pro-rata share for eachservice included in the pro-rata split.

In some embodiments, the user service plan agreement is structured sothat the user acknowledges that ambient services in which the accessconnection to the service is sponsored, paid for, and/or partiallysubsidized by an entity other than the user are a benefit to the user,and/or the user acknowledges that there is no inherent right to freeambient services, and that the service usage accounting system may notalways properly characterize usage for a sponsored or subsidized ambientservice (e.g., or some other specialized service) in the correctaccounting service charging bucket, and, thus, the user service planaccount can be charged and/or billed with some of this traffic. Byhaving the user acknowledge a service use agreement of this form thensome ambient traffic can be charged to the user service plan account,including, for example, allowed but not classified traffic, excessambient service usage beyond pre-set policy limits, ambient serviceusage during busy network periods or on congested network resources,and/or other criteria/measures. In some embodiments, the user might benotified that they are being charged for service activities that aresometimes subsidized or free to the user. As discussed above, it isimportant to ensure that a not classified service charging bucket doesnot become a back door for service charging errors or hacking. It willnow be apparent to one of ordinary skill in the art that the notclassified service usage charges can be verified in a variety ofmanners, including, for example, observing the size of the notclassified service charging bucket as compared to other service usagecharges on the device (e.g., total device service usage, ambient serviceusage, user bucket service usage, and/or other criteria/measures),capping the not classified bucket, and/or capping the rate of growth ofthe not classified bucket.

In some embodiments, it is important to verify not only that the totaldevice service usage amount is correct, but that the service usage isbeing reported in the proper service charging buckets. For example, ifthe service processor software can be hacked so that it correctlyreports the total service usage, but reports user service plan trafficunder one or more ambient service buckets, then simply verifying thatthe total amount of service usage is correct will not be sufficient toprevent the device from obtaining free user service that can be chargedto ambient service partners. There are a variety of direct and indirectembodiments to accomplish this verification of service charging bucketdivisions. For example, in direct verification embodiments, one or morealternative measures of service usage are employed to cross-check theaccuracy of the service charging bucket divisions. In indirectembodiments one of two classes of verification are employed: the sizeand rate of growth for service charging buckets is analyzed and comparedto a pre-set group of policies to detect and/or modify service chargingbucket growth that is out of policy; and/or the proper operation of theservice processor elements involved in service charging bucketpartitioning is verified.

Various embodiments involving direct verification of service chargingbucket usage and/or accounting include the use of network based serviceusage measures such as CDRs, IPDRs, flow data records (e.g.,FDRs—detailed reports of service usage for each service flow, such asnetwork socket connection, opened and used to transmit data to or fromthe device), accounting records, interim accounting records or othersimilar usage records to verify that the device is within service policyand/or the device based service usage reports are accurate. Use of suchnetwork generated service usage records to directly verify servicecharging and/or proper service usage policy adherence are describedherein. When network address destination and/or source information isavailable in these records, as described herein, this can be used insome embodiments to verify the service charging bucket accountingprovided by the device service processor. In some embodiments, sometypes of service usage records include real-time data but notnecessarily all of the useful information needed to help verify servicecharging bucket accounting, while other types of service usage recordsprovide more detail (e.g., IP address for destination and source) but donot always arrive in real-time. For example, in some embodiments, FDRsare created each time a new service flow (e.g., network socketconnection) is opened and then closed. At the time the service flow isclosed, a (e.g., possibly time stamped) data usage record indicatingsource address, destination address and amount of data transmitted iscreated and sent to a charging aggregation function in the network. Thecharging aggregation function can then forward the FDRs to the servicecontroller for verification or direct accounting of service chargingbucket accounting. By comparing the FDR addresses with known ambientservice traffic address associations, the partitioning of servicecharging buckets between one or more ambient services and other servicessuch as a user service plan service charging bucket may be verified.However, in some cases it can be a long period of time for an FDR to begenerated when a device service flow (e.g., socket) remains open for along period of time, as in the case for example with a long filedownload, a peer to peer connection with a socket keep alive, or a proxyserver service with a socket keep alive. In such cases, it can bedisadvantageous to have large amounts of data to be transferred withoutan FDR to confirm device service processor based reports, and in somecases this can provide an opportunity for service processor servicereporting hacks. This can be remedied in a variety of ways by usingother network reported service usage information to augment the FDRinformation. For example, start and stop accounting records cansometimes be obtained in some embodiments from a network element such asa service gateway or the AAA servers (e.g., or other network equipmentelements depending on the network architecture). Although start and stoprecords do not possess the detail of service usage information thatFDRs, CDRs, IPDRs, interim accounting records or other service usagerecords posses, they do inform the service controller that a device iseither connected to the network or has stopped connecting. If a deviceis connected to the network and is not transmitting device usage reportsor heartbeats, then the service controller is alerted that an error orhacking condition is likely. As another example of how two or more typesof network reported service usage information may be used to create abetter real time or near real-time check on device service usage, ifboth FDRs and start/stop accounting records are available, the servicecontroller can send a stop-then-resume service command to the device(e.g., or alternatively send a stop then resume service command to anetwork equipment element), which will cause the device to terminate allopen service flows before re-initiating them, and once the service flowsare stopped then the FDR flow records will be completed and transmittedfor any service flows that were in process but unreported when the stopservice command was issued. This will cause any long term open socketfile transfers to be reported in the FDR flow records thus plugging thepotential back door hole in the FDR service usage accountingverification method.

As another example showing how multiple types of network generatedservice usage accounting records may be used to complement each otherand strengthen the verification of service charging bucket accountingpartitions, interim data records can be used with FDRs. Interim datarecords are available in accordance with some embodiments, in which theinterim data records are generated on a regularly scheduled basis by anetwork element (e.g., gateway, base station, HLR, AAA, and/or othernetwork element/function). Interim data records are typically near realtime records that report the aggregate traffic usage for the device asof a point in time, but often do not include traffic address informationor other traffic details. In embodiments in which both interimaccounting records and FDRs are available, when the interim accountingrecords are indicating service usage that is not being reported in theFDR stream this is evidence that a device has one or more long termsocket connections that are open and are not terminating. In this case,the service controller can verify that the device based usage reportsare properly accounting for the total amount of service usage reportedby the interim accounting records, and/or the service controller canforce an FDR report for the open sockets by issuing a stop-resumeservice command as similarly discussed above.

As described herein, other embodiments involving direct verification ofservice charging bucket accounting can be provided. One example is toroute ambient service traffic to a proxy server or router programmed tosupport only the network access allowed for the ambient service and toaccount for the ambient service usage. Additional proxy servers orrouters can be similarly programmed for each ambient service that ispart of the device service plan, and in some embodiments, another proxyserver or router is programmed to support traffic control and accountfor the user service plan service access. By comparing the service usageaccounting for each of these proxy servers or routers, the devicegenerated service charging bucket accounting can be directly verified.In some embodiments, the usage accounting provided by the proxy serversor routers is used directly for service usage accounting.

In some embodiments, ambient service partner feedback is used to verifyservice charging bucket accounting. For example, web servers used byambient service partners to provide ambient services can identify a userdevice based on header information embedded in the HTML, traffic, andthen account for either the service used by the device during theambient service sessions or account for the number of transactions theuser completes. If service usage is recorded, then it can be reported tothe service controller and be used directly to verify ambient servicecharging bucket accounting. If transactions are all that are recorded,then this can be reported to the service controller and the amount ofambient service used by the device can be compared with the number oftransactions completed to determine if the ambient service usage isreasonable or should be throttled or blocked. It will now be apparent toone of ordinary skill in the art that other embodiments can be providedthat employ more than one type of network generated service usagerecords to verify service usage accounting and/or verify servicecharging bucket accounting.

Other embodiments involving indirect methods for verifying orcontrolling service charging bucket accounting include monitoring thesize and/or growth rate of ambient service usage. In some embodiments,the access control policy rules call for restricting a given ambientservice access when the amount of service usage charges accumulating inthe ambient service charging bucket exceed a pre-set policy limit,and/or when the rate of service usage for the ambient service exceeds apre-set policy limit. For example, once these limits are reached, theambient service can be throttled back for a period of time, blocked fora period of time, or charged to the user service plan charging bucket.In some embodiments, before these actions are taken the user UI can beused to notify the user of the service policy enforcement action. Insome embodiments, indirect verification of service charging bucketaccounting includes the various techniques described herein forverifying proper operation of the service processor agent softwareand/or protecting the service processor agent software from errors,manipulation, or hacking.

In some embodiments, the device service processor directs trafficdestined for a given ambient service to a proxy server or routerprogrammed to support that ambient service, and any traffic controlpolicies and/or access control policies for the ambient service areimplemented in the proxy server or router. For example, in suchembodiments the proxy server or router can be programmed to only allowaccess to one or more ambient services that are authorized by the deviceservice plan, with the proxy server or router controlling device accessso that other network destinations cannot be reached. Continuing thisexample embodiment, the proxy server or router can account for theambient service usage in an ambient service charging bucket as discussedelsewhere. In such proxy server or router ambient service controlembodiments, the same traffic association techniques described elsewherethat allow incoming traffic associated with an ambient service websiteor other service to be identified, allowed or blocked, potentiallythrottled, and accounted for in a service charging bucket can beimplemented in the proxy server or router programming. Such proxy serveror router embodiments can also implement user service plan servicecharging buckets, user service plan traffic controls, and user serviceplan access control as discussed herein. In some embodiments, the proxyserver or router analyzes the HTML traffic content of the traffic flowsas described herein to perform such associations, traffic control and/orservice usage accounting. Similarly, in some embodiments, a proxy serveror router can provide the “surf-out” capabilities described herein byperforming the same surf-out traffic associations (e.g., HTML branchreference associations and/or other branch associations) describedherein. It will now be apparent to one of ordinary skill in the art thatmany of the adaptive ambient service control and service usage chargingfunctions described herein for a service processor can be readilyimplemented with a proxy server or router that is appropriatelyprogrammed.

In some embodiments, routing of device traffic for one or more ambientservices and/or user service plan services to a proxy server or routeris accomplished by the device service processor using the device serviceprocessor traffic control embodiments described herein. In someembodiments, routing of device traffic for one or more ambient servicesand/or user service plan services to a proxy server or router isaccomplished by dedicated network equipment such as the gateways (e.g.SGSN, GGSN, PDSN, or PDN), home agents, HLRs or base stations, with thenetwork equipment being provisioned by a service controller (e.g., orother interchangeable network element with similar functions for thispurpose) to direct the device traffic to the proxy server or router. Insome embodiments, the ambient service traffic or the user service plantraffic is controlled by the proxy server according to a service planpolicy set supplied by the service controller (e.g., or equivalentnetwork function for this purpose). The traffic control service policythus implemented by the proxy server can control traffic based on one ormore of the following: period of time, network address, service type,content type, application type, QoS class, time of day, network busystate, bandwidth, and data usage.

In some embodiments, a proxy server or router is used to verifyaccounting for a given service, for example, an ambient service. In someembodiments, this is accomplished by the device service processordirecting the desired service flows to a proxy server or routerprogrammed to handle the desired service flows, with the proxy server orrouter being programmed to only allow access to valid networkdestinations allowed by the access control policies for the desiredservice, and the proxy server or router also being programmed to accountfor the traffic usage for the desired services. In some embodiments, theproxy service usage accounting may then be used to verify device basedservice usage accounting reported by the service processor. In someembodiments, the accounting thus reported by the proxy server or routercan be used directly to account for service usage, such as ambientservice usage or user service plan service usage.

In some embodiments, in which a proxy server is used for device serviceusage accounting, the proxy server maintains a link to the deviceservice notification UI via a secure communication link, such as theheartbeat device link described herein. For example, the proxy server orrouter can keep track of device service usage versus service plan usagecaps/limits and notify the user device UI through the devicecommunication link (e.g., heartbeat link) between the service controllerand the device. In some embodiments, the proxy server/routercommunicates with a device UI in a variety of ways, such as follows: UIconnection through a device link (e.g., heartbeat link), through adevice link connected to a service controller (e.g., or other networkelement with similar function for this purpose), presenting a proxy webpage to the device, providing a pop-up page to the device, and/orinstalling a special portal mini-browser on the device that communicateswith the proxy server/router. In some embodiments, the UI connection tothe proxy server/router is used as a user notification channel tocommunicate usage notification information, service plan choices, or anyof the multiple services UI embodiments described herein.

In some embodiments for the proxy server/router techniques forimplementing service traffic/access controls and/or service chartingbucket accounting, it is desirable to have the same information that isavailable to the service processor on the device, including, forexample, application associated with the traffic, network busy state,QoS level, or other information about the service activity that isavailable at the device. For example, such information can be used tohelp determine traffic control rules and/or special services credit isdue (e.g., ambient services credit). In some embodiments, informationavailable on the device can be communicated to the proxy server/routerand associated with traffic flows or service usage activities in avariety of ways. For example, side information can be transmitted to theproxy server/router that associates a traffic flow or service activityflow with information available on the device but not readily availablein the traffic flow or service activity flow itself. In someembodiments, such side information may be communicated over a dedicatedcontrol channel (e.g., the device control link or heartbeat link), or ina standard network connection that in some embodiments can be secure(e.g., TLS/SSL, or a secure tunnel). In some embodiments, the sideinformation available on the device can be communicated to the proxyserver/router via embedded information in data (e.g., header and/orstuffing special fields in the communications packets). In someembodiments, the side information available on the device can becommunicated to the proxy server/router by associating a given securelink or tunnel with the side information. In some embodiments, the sideinformation is collected in a device agent or device API agent thatmonitors traffic flows, collects the side information for those trafficflows, and transmits the information associated with a given flow to aproxy server/router. It will now be apparent to one of ordinary skill inthe art that other techniques can be used to communicate sideinformation available on the device to a proxy server/router.

For example, just as the hierarchy of charging rules can be importantfor implementations in which the service processor is creating theservice charging bucket accounting, it can also important inimplementations that use a proxy server or router for service chargingbucket accounting. Accordingly, various embodiments described herein forcreating a hierarchy of service usage charging rules can be applied toproxy server or proxy router embodiments. It will be apparent to one ofordinary skill in the art that the service charging bucket embodimentsand traffic control and access control embodiments described herein forallowed but not classified buckets apply equally to the proxyserver/router embodiments. For example, pre-defined service policy rulescan be programmed into the proxy server/router to control the trafficflows and/or place usage limits or access limits on an ambient service,or a user service plan service. It will also now be apparent to one ofordinary skill in the art that the embodiments described hereindisclosing an initial allowed service access list, temporarily allowingadditional service activities until they are determined to be allowed ornot allowed, expanding the allowed service activity list, maintaining anot allowed service activity list and expanding the not allowed serviceactivity list also apply equally to proxy server/router embodiments.Similarly, it will now be apparent to one of ordinary skill in the artthat the proxy/server router embodiments can be employed to directlygenerate the service charging bucket (or micro-CDR) usage reports usedto provide further detail and/or billing capabilities for service usage.In some embodiments, in which the device service processor directstraffic to a proxy server/router, there are advantageous design featureembodiments available that can reduce the need to provision network todetect and force specialized device service traffic to the appropriateproxy server/router. For example, this can be done by creating a “usagecredit” system for the services supported by the proxy server/outer.Total service usage is counted on the one hand by the device serviceprocessor, or by other network equipment, or by both. Credit on theother hand for ambient service or other specialized access service usagethat is not charged to the user is then provided for services that thedevice directs through the proxy server/router destination (e.g., URL orroute hop) supporting the particular ambient service or otherspecialized access service. If the device correctly directs traffic tothe proxy server/router, then the counting and/or access rules arecorrectly implemented by the proxy server/router. The service can bethus controlled and/or accounted for. When the service is accounted for,the proxy server/router reports the service charging bucket accountingback to the service controller (e.g., or other network equipmentresponsible for service charging bucket/micro CDR mediation) and theuser service plan service charging bucket account can be credited forthe services. Traffic that reaches the proxy server/router is controlledby the access rules and/or traffic control rules and/or QoS controlrules of the proxy server/router programming, so there is no questionregarding the type of service that is supported with the servicecharging buckets that are reported to mediation functions (e.g.,mediation functions can be performed by one or more of servicecontroller, usage mediation, billing, AAA, and/or HLR/home agent). Asthe proxy server/router is in the network and can be physically securedand protected from hacking, there is high confidence that the servicecontrol and/or charging rules intended for ambient services or someother specialized service are properly implemented and that the proxyserver/router connection is being used for the intended service and notsome other unintended hacked service. If the device is somehow hacked orotherwise in error so that the traffic is not directed through theappropriate proxy server/router, then the proxy server/router does notlog the traffic in micro CDRs/buckets and no specialized service usagecredit is sent to the mediation functions, so there is no usage creditdeducted from the device user service plan service usage totals. Thus,the user pays for the services when the device is hacked to avoid theproxy server/router. The user account service agreement can specify thatif the user tampers with software and traffic is not routed to serversthen credit will not be provided and user plan will be charged.

In some proxy server/router embodiments, the usage credit is sometimesrecorded by the proxy server/router detecting which device is performingthe access. Device identification can be accomplished in a variety ofways including a header/tag inserted into the traffic by the device, aroute in the network specified for that device, a secure link (e.g.,TLS/SSL, IP Sec, or other secure tunnel), a unique device IP address orother credential (e.g., where proxy server/router has access to anactive IP address look up function), a unique proxy server/routeraddress and/or socket for the device.

In some embodiments, the coordination of the device service controllertraffic control elements with a proxy server/outer can make it simplerto locate, install, provision and operate the proxy servers. The proxyserver/routers do not need to be located “in line” with the accessnetwork because it is the device's responsibility to make sure thetraffic is routed to the servers/routers or else there is not credit andthe user account is charged. In some embodiments, this makes itunnecessary or reduces the need to force device traffic routes incarrier network. In some embodiments, the proxy server/routers can belocated in carrier network or on the Internet. If the proxyserver/routers are on Internet, then traffic can be authenticated in afirewall before being passed to server/routers to enhance security toattack.

In some embodiments, the service charging bucket recording software inthe proxy server/router can be programmed into an ambient servicepartners network equipment directly thus eliminating the need forspecial apparatus. The ambient service partners equipment (e.g., a webserver, load balancer or router) can recognize the device using one ofthe techniques described above, aggregate the device service chargingbucket accounting, and periodically send the usage accounting to theservice controller or other network service usage mediation function.

Programming and/or provisioning the types of ambient services, userservice plan services and/or specialized services disclosed in variousembodiments described herein can be a complex process. In someembodiments, a simplified user programming interface, also referred toherein as a service design interface, is used to program the necessarypolicy settings for such services is desirable. For example, a servicedesign interface is provided that organizes and/or categorizes thevarious policy settings that are required to set up an ambient service(e.g., or other service) including one or more of the following: apolicy list of service activities that are allowed under the ambientservice (e.g., or other service), access control policies, rules forimplementing and/or adapting an allowed list of network destinations,rules for implementing and/or adapting a blocked list of networkdestinations, service charging bucket policies, user notificationpolicies, service control, and/or service charging bucket verificationpolicies, actions to be taken upon verification errors. In someembodiments, the required information for one or more of these policysets is formatted into a UI that organizes and simplifies theprogramming of the policies. In some embodiments, the UI is partlygraphical to help the user understand the information and what settingsneed to be defined in order to define the service. In some embodiments,the UI is created with an XML, interface. In some embodiments, the UI isoffered via a secure web connection. In some embodiments, a basicservice policy for an ambient service (e.g., or another service) iscreated that includes one or more of the above service policy settings,and then this service policy set becomes a list or an object that can bereplicated and used in multiple service plan policy set definitions(e.g., “dragged and dropped” in a graphical UI). In some embodiments,the resulting set of policies created in this service design interfaceare then distributed to the necessary policy control elements in thenetwork and/or on the device that act in coordination to implement theservice policy set for a given device group. For example, if a serviceprocessor is used in conjunction with a service controller, then theservice design interface can load the service policy settings subsetsthat need to be programmed on the service controller and the deviceservice processor into the service controller, and the servicecontroller loads the service controller policy settings subset into theservice controller components that control the policies and loads thedevice policy settings subset to the devices that belong to that devicegroup. In embodiments in which a proxy server/router is used to helpcontrol and account for services, in some embodiments, the servicedesign interface loads the service policy settings subsets that need tobe programmed on the proxy server/router into the proxy server/router.In embodiments where other network equipment (e.g., gateways, basestations, service usage recording/aggregation/feed equipment, AAA, homeagent/HLR, mediation system, and/or billing system) need to beprovisioned or programmed, in some embodiments, the service designinterface also loads the appropriate device group policy subsets to eachof the equipment elements. Accordingly, various techniques can be usedas described herein to greatly simplify the complex task of translatinga service policy set or service plan into all the myriad equipmentand/or device settings, programming, and/or provisioning commandsrequired to correctly implement the service. It will now be apparent toone of ordinary skill in the art that various of these techniques cansimilarly be used for the VSP service design interface.

Those of ordinary skill in the art will appreciate that various otherrules can be provided for the rules engine as described herein. Those ofordinary skill in the art will also appreciate that the functionsdescribed herein can be implemented using various other networkarchitectures and network implementations (e.g., using various othernetworking protocols and corresponding network equipment andtechniques).

Although the foregoing embodiments have been described in some detailfor purposes of clarity of understanding, the invention is not limitedto the details provided. There are many alternative ways of implementingthe invention. The disclosed embodiments are illustrative and notrestrictive.

INCORPORATION BY REFERENCE

This application incorporates by reference the following US patentapplications for all purposes: application Ser. No. 12/695,020, entitledADAPTIVE AMBIENT SERVICES, filed Jan. 27, 2010; application Ser. No.12/380,780, entitled AUTOMATED DEVICE PROVISIONING AND ACTIVATION, filedMar. 2, 2009; provisional Application No. 61/206,354, entitled SERVICESPOLICY COMMUNICATION SYSTEM AND METHOD, filed Jan. 28, 2009; provisionalApplication No. 61/206,944, entitled SERVICES POLICY COMMUNICATIONSYSTEM AND METHOD, filed Feb. 4, 2009; provisional Application No.61/207,393, entitled SERVICES POLICY COMMUNICATION SYSTEM AND METHOD,filed Feb. 10, 2009; provisional Application No. 61/207,739, entitledSERVICES POLICY COMMUNICATION SYSTEM AND METHOD, filed Feb. 13, 2009;provisional Application No. 61/275,208, entitled ADAPTIVE AMBIENTSERVICES, filed Aug. 25, 2009; and provisional Application No.61/237,753, entitled ADAPTIVE AMBIENT SERVICES, filed Aug. 28, 2009.

What is claimed is:
 1. A proxy server for providing a wireless ambientservice to a mobile end-user device operating on a Wireless Wide AreaNetwork (WWAN), the proxy server comprising: a processor configured to:receive wireless ambient service Internet access requests from themobile end-user device operating on the WWAN; apply an ambient servicepolicy to the wireless ambient service Internet access requests to (i)allow a first one of the Internet access requests based on a primarypolicy of the ambient service policy, and (ii) allow a second one of theInternet access requests, not allowable by the primary policy, based ona secondary policy of the ambient service policy and an association withthe first one of the Internet access requests; responsive to the secondone of the Internet access requests, obtain at least some Internet datafrom an Internet destination other than the proxy server; and serve theat least some Internet data responsive to the second one of the Internetaccess requests to the mobile end-user device.
 2. The proxy server ofclaim 1, wherein the mobile end-user device operates on the WWAN of awireless service provider network, and the proxy server operates outsideof the wireless service provider network.
 3. The proxy server of claim1, wherein the processor is further configured to: when a third one ofthe Internet access requests is not allowable by the ambient servicepolicy, serve a notification result to the mobile end-user device. 4.The proxy server of claim 3, wherein the notification result comprises aservice activation page.
 5. The proxy server of claim 1, wherein theprocessor is further configured to: limit use of the wireless ambientservice by the mobile end-user device to access content allowed by thesecondary policy.
 6. The proxy server of claim 5, wherein limiting theuse of the wireless ambient service comprises limiting a total timeallowed for the mobile end-user device to access the content allowed bythe secondary policy.
 7. The proxy server of claim 5, wherein limitingthe use of the wireless ambient service comprises limiting an amount ofwireless data that the mobile end-user device can use to access thecontent allowed by the secondary policy.
 8. The proxy server of claim 5,wherein limiting the use of the wireless ambient service compriseslimiting a number of new user actions, new web pages, new uniformresource locators, new domains, new sub-domains, or new addresses thatthe mobile end-user device can utilize to access the content allowed bythe secondary policy.
 9. The proxy server of claim 5, wherein limitingthe use of the wireless ambient service comprises resetting a policylimit when the mobile end-user device initiates a third one of theInternet access requests allowed by the primary policy.
 10. The proxyserver of claim 1, wherein the association with the first one of theInternet access requests comprises an association between the second oneof the Internet access requests and a device application.
 11. A methodfor use by a proxy server for providing a wireless ambient service to amobile end-user device operating on a Wireless Wide Area Network (WWAN),the method comprising: receiving wireless ambient service Internetaccess requests from the mobile end-user device operating on the WWAN;applying an ambient service policy to the wireless ambient serviceInternet access requests to (i) allow a first one of the Internet accessrequests based on a primary policy of the ambient service policy, and(ii) allow a second one of the Internet access requests, not allowableby the primary policy, based on a secondary policy of the ambientservice policy and an association with the first one of the Internetaccess requests; responsive to the second one of the Internet accessrequests, obtaining at least some Internet data from an Internetdestination other than the proxy server; and serving the at least someInternet data responsive to the second one of the Internet accessrequests to the mobile end-user device.
 12. The method of claim 11,wherein the mobile end-user device operates on the WWAN of a wirelessservice provider network, and the proxy server operates outside of thewireless service provider network.
 13. The method of claim 11, furthercomprising: when a third one of the Internet access requests is notallowable by the ambient service policy, serving a notification resultto the mobile end-user device.
 14. The method of claim 13, wherein thenotification result comprises a service activation page.
 15. The methodof claim 11, further comprising: limiting use of the wireless ambientservice by the mobile end-user device to access content allowed by thesecondary policy.
 16. The method of claim 15, wherein limiting the useof the wireless ambient service comprises limiting a total time allowedfor the mobile end-user device to access the content allowed by thesecondary policy.
 17. The method of claim 15, wherein limiting the useof the wireless ambient service comprises limiting an amount of wirelessdata that the mobile end-user device can use to access the contentallowed by the secondary policy.
 18. The method of claim 15, whereinlimiting the use of the wireless ambient service comprises limiting anumber of new user actions, new web pages, new uniform resourcelocators, new domains, new sub-domains, or new addresses that the mobileend-user device can utilize to access the content allowed by thesecondary policy.
 19. The method of claim 15, wherein limiting the useof the wireless ambient service comprises resetting a policy limit whenthe mobile end-user device initiates a third one of the Internet accessrequests allowed by the primary policy.
 20. The method of claim 11,wherein the association with the first one of the Internet accessrequests comprises an association between the second one of the Internetaccess requests and a device application associated with the ambientservice.